def test_prevent_sql_injection(database):
    malicious_input = "'; DROP TABLE playlists; --"
    with pytest.raises(DatabaseError):
        database.execute(f"SELECT * FROM playlists WHERE name = '{malicious_input}'")